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'~{ • Abstract 

We reformulate a recently introduced interpolation-based unique de- 
coding algorithm of algebraic geometry codes using the theory of Grobner 
bases of modules on the coordinate ring of the base curve. With the same 
decoding performance, the new algorithm has a more conceptual descrip- 
tion that lets us better understand the majority voting procedure central 
■ in the interpolation-based unique decoding. 

^ '■ 1 Introduction 

^vQ , Recently a new kind of unique decoding algorithm of algebraic geometry codes 

ly^ ' appeared [2] . The algorithm decodes the primal AG code that consists of code- 

, words obtained by evaluation of functions at rational points of an algebraic 

' curve, unlike the classical syndrome decoding algorithm that decodes the dual 

, code. Based on Grobner bases of modules over a univariate polynomial ring, the 

' algorithm has a regular data and control structure that is suitable for parallel 
hardware implementation, like Kotter's algorithm for the syndrome decoding 

In this paper, we reformulate the previous algorithm, using the theory of 
Grobner bases of modules on the coordinate ring of the base curve. This ap- 
5J] , proach eliminates the technical complexity of the previous algorithm in a large 

degree, and results in a conceptually clean description of the algorithm which 
would contribute for better understanding the majority voting procedure, which 
plays a central role in the interpolation-based unique decoding. The new al- 
gorithm resembles the Berlekamp-Massey-Sakata algorithm for the syndrome 
decoding [3]. 

In Section [2l we review the theory of the Grobner bases of modules over 
the coordinate rings of algebraic curves, and outline the interpolation decoding 
algorithm based on it. The algorithm operates by iterating two core steps, 
the Grobner basis computation step and the message guessing step. Sections [3] 
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and m are devoted for each step. In Section [SJ we demonstrate the algorithm 
with Hermitian codes. In the remainder of this introduction, we briefly review 
basic facts about AG codes. Like the previous algorithm in [5] and the BMS 
decoding algorithm, the new algorithm is formulated for the AG codes from the 
Miura-Kamiya curves [3], which include Hermitian curves as prominent special 
cases. 

A Miura-Kamiya curve X is an irreducible plane curve defined by the equa- 
tion 

over a field F with gcd(a, h) = 1 and 7^ c? G F. It is well known that X has 
a unique point Poc at infinity and has a unique valuation vp^ associated with 
it. Let 5{J) — —vp^{f) for / in the coordinate ring R of X. Then 6{x) = a 
and 5{y) — b. By the equation of the curve, a function in the coordinate ring 
R ~ F[a;, y] can be written as a unique F-linear combination of monomials x'^y^ 
with i > and < j < a, which we call monomials of R. The numerical 
semigroup of R at Pqoj 

S - {S{f) I / e i?} - {Six^y^ U > 0,0 < J < a} 
^ {ai + bj \ i > 0,0 < j < a} = (a, b) 

is a subset of the Weierstrass semigroup at Poo- As gcd(a, 6) = 1, there is 
an integer 6' such that b'b = 1 (mod a), li s = ai + bj is a nongap, then 
b's mod a = j, (s — bj)/a = i, and therefore i and j are uniquely determined. 
Hence the monomials of R are in one-to-one correspondence with nongaps in S. 
For a nongap s, let ^ps be the unique monomial with 5{Lpa) = s. 

Let V — {Pi, P2, ■ . ■ , Pn} be a set of nonsingular rational points of X. The 
evaluation ev from R to the Hamming space F" defined by 

ip^MPl),ip{P2),...,ip{Pn)) 

is a linear map over F. Let w be a fixed positive integer less than n and define 

Lu = {feR\ Sif) <u}^{^s\seS,s<u), 

where brackets denote the linear span over F. Then the AG code C„ is defined 
as the image of L„ under ev. As u < n, the evaluation is one-to-one on L„. 
Therefore the dimension of the linear code C„ equals dimfLu = \{s E S \ s < 
u}\. 

2 Interpolation decoding 

We assume a codeword c in Cu is sent through a noisy communication channel 
and w G F" is the vector received from the channel. Let v = c + e with the error 
vector e. Then c — ev(/i) for a unique 

A« = X! ^'"'^^ ^ e F 
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We assume encoding by evaluation, and the vector {ujg \ s £ S,s < u) is the 
message encoded into the codeword c. The decoding problem is essentially to 
find ojs for all nongap s < u from the given v. 

For s > u, let t;'^) = v, c'") = c, and /i^^^ = /i. For nongap s < u, let 

and for gap s < u, let w^'*"!) = w^^), c^"-'^^ = c(^), and ^(''"i) = ^^■''> . Note that 

e L„ c(") = ev(/i(^)) e C„ = c(*) + e 

for all s. Hence we can find uj^ iteratively. 

A polynomial in R[z] defines a function on the product surface of X and the 
line Aj^, and can be evaluated at a point (P, a) with P E X,a E ¥. Hence we 
can define the interpolation module 

h = {f eRz®R \ f{P^, V,) =0,1 <i<n} 

for V and similarly for v^^\ These interpolation modules are indeed modules 
over R, and finite-dimensional vector space over F. Note that 

I„ = Riz -K) + J (1) 

where 

J = Pi nxi, ev{hy) = v, 

l<i<n 

andnxi = {x — ai,y — Pi) is the maximal ideal of i? associated with = {ai,j3i). 
Recall that by Lagrange interpolation, /i„ can be computed fast from v. We 
will see that the key to find oJs is the Grobner basis of I^{s) with respect to a 
monomial order >s, which is defined in the following. 

Let s be an integer. The monomial x^y^z^ of R\z\ is given the weight 
6{x^y^) + sk. In particular, the weighted degrees of the monomials x^y^ z and 
x'^y^ of Rz ® R are ai + 6j + s and ai + bj, respectively. The monomial order >s 
on Rz® R orders the monomials by their weighted degrees, and breaks the tie 
with higher z-degree. For f m. Rz® R, the notations lts(/), lms(/), and lcs(/) 
denote the leading term, the leading monomial, and the leading coefficient of /, 
respectively, with respect to >s. As f = z + with unique , E /tl, 
note that 

lm,(/)ePz ^ <5(/^) + .s><5(/^), 
where equality holds if and only if lms(/) G Rz and lms_i(/) E R. 

^The superscripts U and D may be read "upstairs" and "downstairs", respectively (with 
2 being the staircase). 



3 



Now let M be a submodule of Rz(BR. A subset S of M is called a Grdbner 
basis with respect to >s if the leading term of every element of M is divided by 
the leading term of some element of B. We will write 

B = {G.„F,} 

with i and j in some implicit index sets, where the leading term of Gi is in R 
while that of Fj is in Rz. The sigma set or S]s(Af) of M is the set of all 
leading monomials of polynomials in M with respect to >s. The delta set 
or As{M) of M is the complement of in the set of all monomials of Rz © R. 
We note that 

A, = {RznA,) u (i?n A,), 

= {RznT.s) u (RnEs). 

where U denotes disjoint union. For the case that M is an ideal of R, we 
may omit the superfluous s from the above notations, and denote >s simply 
by > in particular. Note that if lms(/) G Rz, then lms(/) = lm(/^)z, and 
if lms(/) e i?, then lms(/) = lm(/-^). It is easy to see by the definition of 
Grobner bases that 

dimF(i?^ © R/M) = |A^| = [A, n Rz\ + |A^ n R\ 

^|A({F,^})| + |A({Gf})|, 

where E(T), A(T) with a set of polynomials in R have natural definitions. 
As J is an ideal of R, it has a Grobner basis {77^} with respect to >, and 

dimwR/J =\A{J)\ = \A{{7j,})\=n (2) 

since J is the ideal associated with the sum of n rational points on X. By 
(dl, we see that dimw{Rz © R/Iy) = dimriR/J) = n. Let N = 5{hy). The set 
{rii}U{z — hy} is then a Grobner basis of /„ with respect to >Ar. Let us denote a 
Grobner basis of with respect to >s by i?*^*) = {G,, Fj}. Observe that if s is 
a nongap < m, then the set B = {Gi{z + ujsips), Fj{z + ujsips)} is still a Grobner 
basis of with respect to >s, but not with respect to >s-i in general. 

These observations lead to the following interpolation decoding algorithm. 

Interpolation Decoding Algorithm. Let v be the received vector. 

Initialize Compute hy. Let — {rji} Li {z — hy} where N — S{hy). 

Main Repeat the following for s from to 0. 

Ml If s is a nongap < u, then make a guess w''*-' for Wj, and let B = 
{G^{z + w^'^ips), Fj{z + w'^'''>ip,)}. Otherwise, let B = B^^l 

M2 Compute B(^-i) from B. 

Finalize Output (w^^^ | nongap s < u). 

In the next section, we will elaborate on the step M2. The results in the 
section will lay a foundation for Section |4l in which we give details of the main 
steps Ml and M2. 
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3 Grobner basis computation 



First we review the concept of the Icm, least common multiple, for the mono- 
mials of R. For two monomials (ps and tpt, we say tps divides (ft if there exists 
a unique monomial A such that 



The unique monomial A will be denoted by the quotient ipt/(ps- Note that ip^ 
divides ipt if and only if i — s is a nongap, and in this case, actually A = (ft-s- 
We will also simply say s divides tift — sisa. nongap. 

Proposition 1. Let s and t be nongaps that do not divide each other. Then 
there are unique nongaps li and I2 such that li and I2 are both divisible by s and 
t, and if a nongap c is divisible by s and t, then h or I2 divides c. 

Proof. Let s = asi + bs2 and t = ati + 6^2- Without loss of generality, we may 
assume si < ti and S2 > t2. Since s divides o(si + b), we also have ti < si + b. 

Now let li = ati + bs2 and I2 = a{si + b) + bt2. It is easily verified that h 
and I2 are divisible by s and t. Suppose a nongap c = aci + bc2 is divisible by s 
and t. Then c — s = a{ci — si) + b{c2 — S2) is a nongap as s divides c. Note that 



Therefore if C2 > S2, then Ci > Si while if C2 < S2, then ci > si + b. Similarly, 
as t divides c, if C2 > ^2, then ci > ti while if C2 < ^2, then a > ti + b. So in 
any case, we have at least ci >ti. Now let us check that c is divisible either by 
li or l2- Assume li does not divide c. Then ci < +6 as ci > ti + b contradicts 
our assumption. Therefore C2 > t2. If ci < si + b, then C2 > S2, which also 
contradicts the assumption. Therefore ci > si + b. Then I2 divides c. □ 

We will call (pi^ and ipi^ the Icms of <fis and (fit- In the case when (fig divides 
ipt, we will call ipt the 1cm of (ps and ipf. 

Let B = {Gi,Fj} be a Grobner basis of a submodule M oi Rz (B R with 
respect to >s. We want to compute a Grobner basis of the same module M 
with respect to >s-i from B. Note that while \ms-i{Gi) = lms{Gi) G R, we 
may have either lm.s-i{Fj) = lm.s{Fj) € Rz or \m.g-i[Fj) S R. Let and 
denote the sigma set and the delta set of M with respect to >s, respectively. 
Observe that 



5{ipt - X(ps) < S{ipt). 




C2 - S2 if C2 > S2, 

C2 — S2+ a if C2 < 82- 



Rz n c -R2 n s. 
Rz n As-i D RznA, 



RnEs-i D Rn'Es 
RnAs_i c -Rn A, 



For those j such that lms-i{Fj) = \ms{Fj) G Rz, define 



spoly(F,) = {Fj}. 
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li\ms-i{Fj) e i?nSs, then there is an i such that lms(Gi)|lms_i(Fj), and then, 
with one such i, define 

Finally, if \ms-i{Fj) G RD Ag, then define 

spoly(Fj) = {- TwrFj-T-TTTT'^i I V' is an 1cm of Im^^iiFj) and lm,{Gi)}. 

Its-i(rj) ■ iis((~'i) 

Proposition 2. For every f E spoly(_Fj), lni5_i(/) is in Rz. 

Proof. Recall that Ims(Fj) e Rz. Suppose lms_i(Fj) e R, and let -0 be an 1cm 
of lms_i{Fj) and Ims(Gj) for any i. Then 

^^]^G-f'^^ = '^^^^ ~ ^^^^^ + ^^^'^ < ^^^^ " 



Therefore 



± p _ ^ ^ ^c/^ 

^lt,_i(F,-) ' \ts{Gi) 



On the other hand, 



^^v^;^f^^ = ^^^^ " ^^^^^ + ^^^^^ = 
^^it:^^'''^ = ^^^^ ~ ^^^^^ + ^^^^^ = "^^^^^ 



As the monic terms cancel each other, we have 



Therefore 



'lt.-!(F,)^-'" MGif^''''^^' ^-^Kj,{F,f' lt.(Gi)' 



and hence 

For the case when lms_i(Fj) E RO S^, notice that lms_i(Fj) is the 1cm. □ 

Proposition 3. A monomial (p is in RH Ss-i */ and only if there exists an 
i such that \ms-i{Gi)\(fi or there exists a j such that lms_i(Fj) e i? n Ag 
lms_i(F,)|<^. 
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Proof. Both \m.s-i{Gi)\(p and \ms-i{Fj)\(p imply G i?nEs_i. Let us show the 
converse, li (p G RD Eg, then \ms{Gi)\(p for some i, and therefore \ms-i{Gi)\(p. 
As i?nEs_i D i?nEs, it remains to consider the case when ip e i?n (Es_i\Es). 

Suppose / e M is such that (/3 = lms_i(/) E RCi (Es_i\Es). Since (p ^ 
Rn Es, we must have lms(/) G i?^, and hence 

Then lm,(Fj)|lm,(/) for some j. As Ims(i^j) S we have S{Fj^) + s > SiFf), 
where actually equality holds as we will show now. Assume the contrary, that 
is, 

<5(Ff)+,s><5(F^). 



Then 



These imply 



contradictory to the assumption ip ^ RH'Ss- Hence S{Fj^) + s = 6{F^), and 
5{^^\rn,^,{F,)) = 5{f ) - 5{F]') + 5{F^) = 5{f) + s = 5{^). 

Therefore lm5_i(Fj)|i^, and \ms~i{Fj) £ Rn A^. □ 

Proposition 4. A monomial ip is in Rz D Es_i if and only if there exists a j 
such that lnis_i(/)|iy9 for some f G spoly(-Fj). 

Proof. By Proposition [21 the converse is clear. Let us assume (p € Rz fl Es_i. 
Suppose (p — lms_i(/) for some / G M. Then ip — \ms{f), and there exists 
some j such that \ms{Fj)\(p. If \ms^i{Fj) G Rz, then Fj G spoly(i^j) and 
lm,.i{Fj) = lms{F,)\ip. 

Suppose \ms-i{Fj) G i?nEs. Then there is an i such that \ms{Gi)\\nis-i{Fj) 
and 

' - ^^^^^G. G spoly(F,) 



ic,_i(j;) ' it,(G. 

and by ©, 
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Suppose \iRs-i{Fj) e R n As. Note that 

Sin + > Hf""), S{F^) + s = S{Ff), 

and hence 

^(^^/n - Sin - ^(^f ) + -^i^f ) =^ '^(r ) + > nn- 

Thus we see that 



and hence there is an i such that 



lm.(/) 



Now there is an 1cm ^ of lnis_i(Fj) and Ims(Gi) such that 

lni.(/) 

and 



^\^Z:^^^s-iiF,), (4) 



- T^17TTG^ e spoly(^;). 



lt,_i(^;) ' lt,(G, 
By ©, 

and finally from ([4]), 



lm,_i(F,) 



lm,(F,)|lm,(/) = (^. 



□ 



Combining the above results, we see that the set 

{G„ F, I lm,_i(Fj) e i? n A4 U U spoly(Fj) 

j 

is a Grobner basis of M with respect to >s-i- In general, the Grobner basis 
may contain more polynomials than necessary. Indeed, we can reduce each set 
in the union by removing polynomials whose leading term is divisible by that 
of other polynomial in the same set. We will denote the reduced Grobner basis 
of AI with respect to >s-i by 

{G,,F, I lm,_i(Fj) e i?n AJ'u|Jspoly(F,). 



8 



4 Message Guessing 

The ideal of the error vector e defined by 

Je = n 

has a Grobner basis {ci} with respect to >, and 

diniF i?/Je = |A(Je)| =wt(e). (5) 

Recall that B^*' = {G^,Fj} is a Grobner basis of with respect to >s- 
Observe that Je{z — ^'^^^) C Iy(s} , which result in T,{Je)z C T,s{Iy(B) ) n Rz, and 
hence As(4(.)) n Rz C A{Je)z. Therefore 

|A,(4(.,)ni?zH|A(i^^)|<wt(e). 

Now let s be a nongap < u. Let us consider the module 

L = {f{z + wips) I / e } C i?z © i?. 

for w e F. Note that 

is a Grobner basis of 7^, with respect to >s since lms(/(z + WLps)) — \Ta.s{f) for 
all / G . For the same reason, 

= A,(/^) = A,(4(.,). 

Observe that I^^ — I^(s-i). Hence 

|A,_i(4jni?z| <wt(e). (6) 

In Theorem 14.31 below . we will see that ujs is such a w that makes the value 

|A,_i(4)ni?z| 

smallest, provided that wt(e) is not too large. First note that 

|A,_i(/,„) n Rz\ + |A,_i(/^) n i?| = |A,_i(4)| = n, 
|A,(/^) n i?| + |A,(4) n Rz\ - |A,(/,„)| - n. 

Lemma 4.1. For w ^ uJs, 

|A,_i(4) n > n - |A(Je^,) n A(J)|. 

Proof. Observe that Je(z — (w^ — w)ips — ^^'*^^^) C /«, and J C 1^,. Therefore 
E{Je(ps) U E(J) C J:s-iilw) n i?, that is 

A,„i(/„) riRc A{Je^s) n A(j). 

Hence |As_i(/„,)ni?| < |A(Je93s)nA( J)|, equivalent to the second equality. □ 
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Lemma 4.2. | A( Je<^s)| = wt(e) + s. 
Proof. Note that 

|A(Je(p,)I = IE(i?)\S(J,^,)| = |A(Je)| + |S(i?)\E(i?^,)| 
= wt(e) + \S\{s + 5)1 = wt(e) + s. 

The equahty |S'\(s + S*)! — s holds for any numerical semigroup and can be 
proved by induction on the Frobenius number. □ 

Theorem 4.3. The value |As_i(/i„) ni?z| is smallest for w — uJs, provided that 

|A(J) U A(i?v5^)| - s > 2wt(e). 

Proof. We need to show that for w uJs, 

|A,_i(4)ni?z| > \As-i{L^) n Rz\. 

By © and the previous lemmas, a sufficient condition for the above is 

n - |A(J) n A{Jeips)\ > wt(e) 

n- |A(J)| - |A(Je^,)| + |A(J) U A{Jeips)\ > wt(e) 
|A(J) U A(Je.^5)| - s > 2wt(e) 

since |A(J)| = n. Finally note that |A(J) U A(Je(ps)| > |A(J) U A(iT!(ps)|. □ 

Note that |As_i(/u,) n Rz\ is smallest when so is 

|A,_i(4,) n Rz\ - \As{i^,) n Rz\ = I A, (4) n i?| - |A,_i(4) n i?| 

= |(A,(4)\A,_i(4))ni?)| 
= |Ss-i(4)nA,(4)ni?|. 

since |As(/^) n Rz\ ~ |As(/^(3)) n Rz\ is independent of w. The value 

|E,_i(/^)nA,(/^)ni?| 

can be computed using the Grobner bases of with respect to >s and >s-i. As 
we saw in Section[3l the Grobner basis of with respect to >s-i is determined 
from B, the Grobner bases of Iw with respect to >s. Precisely, according to 
Proposition [HI the set 

n A,(4) ni? 

is determined by \ms-i{Fj(z + wips)) that lies in As{Iw) H R. We note that for 
each j, there is a unique Wj G F such that 

lias-i{Fj{z + w.jLps)) € Rz, 

and \ms-i{Fj{z + wfs)) = lni(i^j^(/3s) G -R if and only if w ^ Wj. In fact, 

d 

where d is the coefficient of the monomial lm(F^(^s) in . 
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Proposition 5. 

(z + W(ps)) n As{Iw) 

Wj 

= y U S,_i(Fj(z + w(^,))n A,(4) 

where U denotes disjoint union. 

Proof. The first equality follows from Proposition|31 It remains to show that the 
second union is disjoint. Assume that for ci 7^ C2, there is a monomial if & R 
such that (p is in the intersection of 

y j:s-i{Fj{z + wips))r\A,{i^) 

Wj=Ci 

and 
Let 

(fi = ?/'lms-i(Fjj(2 + wiyJs)) = xlms-i(-Fj2(2: + 
with Wj-^ — ci, = C2, and monomials ?/'; X- Then we will show that 

^'^s{:^^^^^Fj,{z + w(ps) - ^^^^jj^ Fj^{z + wips)) = V, (7) 

contradicting the assumption that (p € As(/^). Indeed notice that ip = \m{ipFj^^(ps) 
\m{xFj^ips). Hence the coefficient of the monomial (p in the first term of the 
polynomial in ([7]) is 

where di is the coefficient of the monomial \m{Fj^tps) in Fj^. In the same way, 
the coefficient of the monomial (p in the second term after the minus in ([7]) is 

— \r:{w + d2) 



lc(K 



J2 ' 

where d^ is the coefficient of the monomial \va{F^^(p^ in F^^. These two coeffi- 
cients are different because we assumed 

d\ , d2 



ic(^^)^"^-^- ic(^;'^)- 

Hence ^ follows. □ 
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We observe that for c, w G F with w ^ c, 

Wj—C Wj—C 

Therefore this set is independent of w, and is determined by B^^\ Let 

= | U i](^;V)nA({Gf}). 

Wj—C 

Then Proposition [S] implies 

|A,_i(/^) n Rz\ - \Asiiyj) n i?z| = ^ 4 

is smallest when w = c with dc largest. Now we can elaborate the main steps 
of the interpolation decoding algorithm as follows: 

Ml If s is a nongap < u, then do the following, but otherwise let i? = {Gi, Fj}. 
Ml.l Compute the set W = {wj}, where 

d 

and d is the coefRcient of the monomial \m{Fj^(ps) in Fj^ . 
Ml. 2 For each c G W, compute the value 

dc^\\J S(i^V)nA({Gf}). 

Wj —c 

Ml. 3 Let w^^^ — c with largest dc, and let 

B = {G,(z + w^''^^s),F,{z + u.^^V.)}- 
M2 Suppose B ^ {Gi,Fj}. Let 

B(^-i) = {G,,F, I lm,^i(F,) G i?n A,({G,})}'uUspoly(i^,). 

j 

Theorem 4.4. The algorithm outputs w^''^ — ujs for all s (1 S, s < u if 

du — min v{s) > 2wt(e), 

s(ES.s<u 

where v{s) ~ |A(J) U A(i?(^s)| ~ s for s ^ S. Moreover du > n — u. 

Proof. By Theorem 14. 3[ the condition du > 2wt(e) implies that the algorithm 
computes w'*' = iHs for each iteration for nongap s from u to 0. To see d^ > 
n-u, notice that |A(J) U A{Rips)\ > |A(J)| = n. □ 
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5 Decoding Hermitian Codes 

In this section, we demonstrate the decoding algorithm on the Hermitian codes 
defined on Hermitian curves with equation 

?/« + y - a;«+i = 

over Fg2 . There are rational points on the Hermitian curve, and J = 
(a;' — x) . We now determine the performance of the decoding algorithm for 
the Hermitian code C„. 

Theorem 5.1. For nongap u < , 

\ q^ — aq b < a + q — q^ 
\q^ — u b> a + q — q 

if u ~ aq + b, < b < q. 

Proof. We first compute ^{s) for nongap s = qsi + S2 < q^. As 

|A(J) U A(i?</7,)| - |S](J) n A{Rip,)\ + |A(J)| 

^liteSlq'^+tis + Sjl + q'^. 

we have iy{s) ^ \{t e S \ q^ + t - s S}\ + q^ - s. Note that 

q^ + t- s = q{q^ + h - Si) + t2 - S2 

with t = qti + 12- Therefore q"^ + t — s ^ S if and only if 

t2 ~ S2> 0, q'^ + ti ~ Si < t2 - S2 

or 

^2 - S2 < 0, q'^ + ti - Si < q + 1 + t2 - S2. 
The first case is actually impossible since si < q^. Hence 

\{t e S \ q^ + t - s S}\ ^ S2 max{si - S2 + q + 1 - 0}. 

Thus 

t^is) = S2 max{si - S2 + q + 1 - q^ ,0} + q^ — s 

for s — qsi + S2 < q'^ ■ If a — b + q — q^ > 0, then the minimum is attained at 
s = aq, and hence du — q^ ~ aq while if a — b + q — q^ < 0, then the minimum 
is attained at s = u, and hence d„ = q'^ — u. □ 

Figure [T] shows the decoding performance du of Cu over the Hermitian curve 
+ y — x'^ = Q over Fg, where Fg = V^{a) with — a — 1 = 0. The 27 rational 
points on the curve are 

(0, 0), (0, a"), (0, a"), (1, 2), (1, a), (1, a^), (2, 2), (2, a), (2, a^), 
(a, 1), (a, a^), (a, a^), (a^, 2), (a^ a), (a^ a^), (a^ 1), (a^ a^), (a^ a^), 
(a^ 1), (a^, a^), (a^, a^), (a^, 1), {a\ a'), (a^a^), (a^, 2), (a^, a), (a^, a^), 
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^ 10 20 

Figure 1: Decoding performance of Hermitian codes of length 27 



and there is a unique point Poo at infinity. As S{x) = 3 and 6{y) = 4, the 
numerical semigroup of the coordinate ring R is 

5 =(3, 4) = {0,3, 4, 6, 7, 8, 9, 10,...}. 

Note that S has three gaps 1, 2, and 5. The monomials of R correspond to 
nongaps in S and are displayed in the diagram 



'/ 






■r'y' 


x^y^ 


x''y'^ 


x^'y^ 


x' y^ 


x:'y' 


■rV 




V 


xy 


x'v 


x-'y 


x'y 


x''v 


x''y 


x'y 


x'y 


x"y 




1 


X 


x^ 




X* 


x"' 






x» 


x'> 





Let u = 16. Then the Hermitian code Cie has dimension 14 and minimum 
distance 11, and the decoding algorithm can correct up to 5 errors. Suppose we 
received the vector 

V = (0, 0, 0, 0, 0, a^, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, a^, 0, 0, a^, 0, 0, 2, 0) 

from a noisy channel. We now follow the steps of the decoding algorithm. 
The algorithm first compute the Lagrange interpolation of v, 

hy = oC'x^y^ + x'y'^ + OL'x^y + a' x^y^ + x'' y + 2.x® + a^x^y'^ 
+ x^y + ax'' + a^x'^y'^ + ax^y + a^'x^ + a^x^y"^ + a^x'^y 
+ 2x^7/ + a'x^y + 2a:'* + a^xy"^ + a^x^ + a^xy + x. 



The algorithm iterates the main steps for s from A'' = 5{hy) = 32 to 0. The 
ideal J has Grobner basis {rji = x^ — x}. Hence the Grobner basis of /„(32) = ly 
is 

Gi = 0; 



^(32) 



( Gi = Oz + x^-x 1 
\ Fi = Iz + a'x^y'^-{ j 
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Here the left diagram exhibits the monomials in 232(1^,(32)) n Rz omitting the 
common z variable, while the right diagram shows the monomials in S32(/j,(32) )n 
R. The leading terms of the polynomials in the Grobner basis are also shown. 

For s > u = 16 or a gap s, as B = {Gi, Fj} = S^'' = {Gi, Fj} in the step 
Ml, we will omit the tilde in the following. In the step M2, lm3i(i^i) = x^y"^ G 
-Rn A32(Gi), and the Icms of lm3i(i^i) = x^y^ and lm32(Gi) = x^ are x^y^ and 

x^"^. Hence spoly(Fi) = {axz + a^x^y'^ -\ \-a^x'^,ayz + a^x^^ -\ [-a^xy}. 

Then the Grobner basis of /„(3i) is 



S(3i) 



Oz 
Iz 



+ 
+ 



+ • • • 

a'x^y'^ 



axz + a^x^y^ + ■ 



ayz + 



a^x^^ + ■ 

























y 
























X 





















As lms(_F'i), lms(F2) G Rz for s = 31,30, there is no change in the Grdbner 
basis. So we get to the unaltered Grobner basis of /„(29) 



Oz + x^ + ■■■ 
Iz + a'x^y^ + • 

ax z + ot'x^y'^ + ■ 



= ayz 

























y 
























X 





































x^y^ 



















































Now since lm29(G2) = x^y^ divides Im28(-Fi) = x^y^ and lm29(Gi) = x^ divides 
lm28(F2) = x", both Im28(-Fi) and lm28(F2) are in n E29(Gi, G2) Thus 

spoly(Fi) = {2xz + oC' z + a^x'^y + • ■ • + ax{, 
spoly(F2) = {2yz + a^x^y"^ H h a^xy}. 

Hence the Grobner basis of /„(2s) is 



_B(28) 



f Gi = Oz + T'^ + ■■■ 
G2 = Iz + a'^x^y'^ + ■ 
Fi = {2x + a'^)z + a^x^y + -' 

F2 = '^yz + Q!^X^t/2 + ' 
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Similar steps are iterated. Eventually, we get to the Grobner basis of /^(le) , 



^(16) ^ 



r Gi = 




Oz 


+ + 


< = 


(a^xy + . 




+ oF'x'y + 




{o?x^ + • 


••)^ 


+ 


I F, = 


{oc'v^ + • 




+ + • ■ • 



Now s = 16 is a nongap and <u~ 16. So in the step Ml, wc proccxxi to guess 
Wie for the monomial lyJie = x^y. The leading coefficient of F\ is a'^ and the 
coefficient of the monomial x^y in F\ is 0, where x^y is the leading monomial 
of .x^93i6- Hence Ji'i = — (O/a^) = 0. The leading coefficient of Fi is q'' and the 
coefficient of the monomial x^ in i<2 is 1, where xF' is the leading monomial of 
y^i^ie. Hence W2 = -(1/a^) = ot' . So = {0, cJ}. The shape of 

U S(F/^i6) n A({Gf }) = E(x'^y) n A(:.9,x^2/) 
is 




and thus do = 2. On the other hand, the shape of 

U S(if (^16) n A({Gf }) = Y.{x?)V\^{x\x'y) 

is 



.T'ly 




and thus do,? = 1. Hence we take w;*^^^' = 0. Then 



r Gi 






Oz 


+ 


x9 + • • • 


> 


< 


= {a^xy 
= {p?x^ 


+ . 
+ ■ 


..)z 
■■)z 


+ 
+ 


a^x'^y + • • 



> 


\ F2 


= {a'y^ 


+ ■ 


■■)z 


+ 


x^ ^ — 


> 



In the step M2, lmi5(Fi) = x'^z G Rz and lmi5(F2) = € i? n Ai5(Gi,G2)- 

So spoly(i^i) = {Fi}, and since the 1cm of lmi5(i^2) = x^ and lmi5(Gi) = x^ is 
x^ , and the Icms of Imi5(f2) and lmi5(G2) = x'^y are x^y and x^^ , 

spoly(F2) = {a^xy^z H ha;, a^x'^z H h x^, a^x^y^z H h a^xy}. 
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Removing redundant polynomials, we have 

{Gi, G2, -F2}' = {G2, F2}, 
(spoly(Fi) U spolyFs)' = {Fi,a^xy'^z + --- + x}. 

Thus the Grobner basis of /„(i5) is 



B(15) = 





{o?xy 


+ ■ 




+ o?x^y H — 


> 


G2 = 


{a'y' 


+ ■ 




+ a;* + • ■ • 




Fi = 


{oP'x^ 


+ • 




+ 


> 


F2 = 


[pt'xy^ 


+ • 




+ Ix'^y + ■ • ■ 





Continuing in this way, after the last iteration for s = 0, we get to the Grobner 
basis of , 



r Gi = 


(p?xy + 


■••)^ 


+ 


2 7 
a X y 


< = 




.■■)z 


+ 


x^ + ■ 




(cp-x^ + 


.■■)z 


+ 





F2 = 


(.xy^ + 


■■■)z 


+ 






















































x^ 















































































x^ 







Finally, the algorithm output (w^*^ = | nongap s < 16). 



6 Remarks 

We presented an interpolation-based unique decoding algorithm for the primal 
algebraic geometry codes. The algorithm iteratively finds each entry of the sent 
message by a majority voting procedure. We showed that the majority voting is 
successful if the codeword encoding the message is close enough to the received 
vector. 
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